dolphinscheduler
dolphinscheduler copied to clipboard
apache
[Improvement] Use safe constructor with snake yaml
Purpose of the pull request
Brief change log
Verify this pull request
This pull request is code cleanup without any test coverage.
(or)
This pull request is already covered by existing tests, such as (please describe tests).
(or)
This change added tests and can be verified as follows:
(or)
If your pull request contain incompatible change, you should also add it to docs/docs/en/guide/upgrede/incompatible.md
Codecov Report
Attention: Patch coverage is 25.00000% with 9 lines in your changes are missing coverage. Please review.
Project coverage is 40.45%. Comparing base (
7c8fa9b) to head (fd251c7). Report is 1 commits behind head on dev.
:exclamation: Current head fd251c7 differs from pull request most recent head f606e31. Consider uploading reports for the commit f606e31 to get more accurate results
| Files | Patch % | Lines |
|---|---|---|
| ...scheduler/common/utils/ClassFilterConstructor.java | 0.00% | 9 Missing :warning: |
Additional details and impacted files
@@ Coverage Diff @@
## dev #15758 +/- ##
============================================
- Coverage 40.46% 40.45% -0.01%
- Complexity 5195 5196 +1
============================================
Files 1378 1379 +1
Lines 46084 46093 +9
Branches 4923 4924 +1
============================================
+ Hits 18646 18648 +2
- Misses 25512 25518 +6
- Partials 1926 1927 +1
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
This is a case where unit test is helpful and should be mandatory, to verify that the nested types can be parsed without error. Can you add some?
Sure
Quality Gate failed
Failed conditions
21.4% Coverage on New Code (required ≥ 60%)
See analysis details on SonarCloud
![sonarqubecloud[bot] avatar](https://avatars.githubusercontent.com/in/12526?v=4 "Published by a pub.dev verified publisher"){kind=small}
I am new to DS and have a question here.
Login users are allowed to exectue code on worker side by default, then do we still need to worring about security issues inside modules of org.apache.dolphinscheduler.plugin.task?
I am new to DS and have a question here. Login users are allowed to exectue code on worker side by default, then do we still need to worring about security issues inside modules of
org.apache.dolphinscheduler.plugin.task?
I think it's normal for the server to execute certain commands to the worker. However, security issues such as those in the org.apache.dolphinscheduler.plugin.task module affect the server, not the worker.
Hi @an5er ,do you mean that https://github.com/apache/dolphinscheduler/blob/08ac1322864edf42903c7c03942fcad62c37da35/dolphinscheduler-task-plugin/dolphinscheduler-task-api/src/main/java/org/apache/dolphinscheduler/plugin/task/api/k8s/impl/K8sTaskExecutor.java#L143-L149 runs on the master machine?
Hi @an5er ,do you mean that
https://github.com/apache/dolphinscheduler/blob/08ac1322864edf42903c7c03942fcad62c37da35/dolphinscheduler-task-plugin/dolphinscheduler-task-api/src/main/java/org/apache/dolphinscheduler/plugin/task/api/k8s/impl/K8sTaskExecutor.java#L143-L149
runs on the master machine?
No, it runs on the machine where the dolphinscheduler is deployed, not in the k8s cluster.
This is a case where unit test is helpful and should be mandatory, to verify that the nested types can be parsed without error. Can you add some?
Sure
@EricGao888 will you update this pr?
This is a case where unit test is helpful and should be mandatory, to verify that the nested types can be parsed without error. Can you add some?
Sure
@EricGao888 will you update this pr?
Yes, but later this week. Quite busy recently. 😢
This is a case where unit test is helpful and should be mandatory, to verify that the nested types can be parsed without error. Can you add some?
Tests added.
Quality Gate failed
Failed conditions
18.8% Coverage on New Code (required ≥ 60%)
See analysis details on SonarCloud